-/* $OpenBSD: sha3.c,v 1.4 2023/04/15 18:07:44 jsing Exp $ */
+/* $OpenBSD: sha3.c,v 1.5 2023/04/15 18:14:21 jsing Exp $ */
/*
* The MIT License (MIT)
*
* SOFTWARE.
*/
-// sha3.c
-// 19-Nov-11 Markku-Juhani O. Saarinen <mjos@iki.fi>
-
-// Revised 07-Aug-15 to match with official release of FIPS PUB 202 "SHA3"
-// Revised 03-Sep-15 for portability + OpenSSL - style API
-
#include "sha3_internal.h"
-// update the state with given number of rounds
-
void
sha3_keccakf(uint64_t st[25])
{
- // constants
const uint64_t keccakf_rndc[24] = {
0x0000000000000001, 0x0000000000008082, 0x800000000000808a,
0x8000000080008000, 0x000000000000808b, 0x0000000080000001,
15, 23, 19, 13, 12, 2, 20, 14, 22, 9, 6, 1
};
- // variables
int i, j, r;
uint64_t t, bc[5];
#if __BYTE_ORDER__ != __ORDER_LITTLE_ENDIAN__
uint8_t *v;
- // endianess conversion. this is redundant on little-endian targets
for (i = 0; i < 25; i++) {
v = (uint8_t *) &st[i];
st[i] = ((uint64_t) v[0]) | (((uint64_t) v[1]) << 8) |
}
#endif
- // actual iteration
for (r = 0; r < KECCAKF_ROUNDS; r++) {
- // Theta
+ /* Theta */
for (i = 0; i < 5; i++)
bc[i] = st[i] ^ st[i + 5] ^ st[i + 10] ^ st[i + 15] ^ st[i + 20];
st[j + i] ^= t;
}
- // Rho Pi
+ /* Rho Pi */
t = st[1];
for (i = 0; i < 24; i++) {
j = keccakf_piln[i];
t = bc[0];
}
- // Chi
+ /* Chi */
for (j = 0; j < 25; j += 5) {
for (i = 0; i < 5; i++)
bc[i] = st[j + i];
st[j + i] ^= (~bc[(i + 1) % 5]) & bc[(i + 2) % 5];
}
- // Iota
+ /* Iota */
st[0] ^= keccakf_rndc[r];
}
#if __BYTE_ORDER__ != __ORDER_LITTLE_ENDIAN__
- // endianess conversion. this is redundant on little-endian targets
for (i = 0; i < 25; i++) {
v = (uint8_t *) &st[i];
t = st[i];
#endif
}
-// Initialize the context for SHA3
-
int
sha3_init(sha3_ctx_t *c, int mdlen)
{
return 1;
}
-// update state with more data
-
int
sha3_update(sha3_ctx_t *c, const void *data, size_t len)
{
return 1;
}
-// finalize and output a hash
-
int
sha3_final(void *md, sha3_ctx_t *c)
{
return 1;
}
-// compute a SHA-3 hash (md) of given byte length from "in"
-
void *
sha3(const void *in, size_t inlen, void *md, int mdlen)
{
return md;
}
-// SHAKE128 and SHAKE256 extensible-output functionality
-
+/* SHAKE128 and SHAKE256 extensible-output functionality. */
void
shake_xof(sha3_ctx_t *c)
{
-/* $OpenBSD: sha3_internal.h,v 1.3 2023/04/15 18:07:44 jsing Exp $ */
+/* $OpenBSD: sha3_internal.h,v 1.4 2023/04/15 18:14:21 jsing Exp $ */
/*
* The MIT License (MIT)
*
* SOFTWARE.
*/
-// sha3.h
-// 19-Nov-11 Markku-Juhani O. Saarinen <mjos@iki.fi>
-
#ifndef SHA3_H
#define SHA3_H
#define ROTL64(x, y) (((x) << (y)) | ((x) >> (64 - (y))))
#endif
-// state context
typedef struct {
- union { // state:
- uint8_t b[200]; // 8-bit bytes
- uint64_t q[25]; // 64-bit words
+ union {
+ uint8_t b[200]; /* State as 8 bit bytes. */
+ uint64_t q[25]; /* State as 64 bit words. */
} st;
- int pt, rsiz, mdlen; // these don't overflow
+ int pt, rsiz, mdlen;
} sha3_ctx_t;
-// Compression function.
void sha3_keccakf(uint64_t st[25]);
-// OpenSSL - like interfece
-int sha3_init(sha3_ctx_t *c, int mdlen); // mdlen = hash output in bytes
+int sha3_init(sha3_ctx_t *c, int mdlen);
int sha3_update(sha3_ctx_t *c, const void *data, size_t len);
-int sha3_final(void *md, sha3_ctx_t *c); // digest goes to md
+int sha3_final(void *md, sha3_ctx_t *c);
-// compute a sha3 hash (md) of given byte length from "in"
void *sha3(const void *in, size_t inlen, void *md, int mdlen);
-// SHAKE128 and SHAKE256 extensible-output functions
+/* SHAKE128 and SHAKE256 extensible-output functions. */
#define shake128_init(c) sha3_init(c, 16)
#define shake256_init(c) sha3_init(c, 32)
#define shake_update sha3_update
void shake_out(sha3_ctx_t *c, void *out, size_t len);
#endif
-
projects / openbsd / commitdiff